pxe+tftp+nfs+kickstart+dhcp实现无人值守安装centos7

环境准备

服务端与客户机均为workstation在自己台式机上虚拟化出来的虚拟机,虚拟机网络为nat,如下图所示
11v2
这里为什么要使用nat的方式呢?因为在企业里,路由器上的dhcp服务一般不可能任意开关,而自动安装操作系统时又需要部署一个客户机能访问的dhcp服务。如果使用桥接模式,就必须关闭路由器上的dhcp服务(路由器上的dhcp服务不能配置tftp等服务,而且不论我们是否可以对其进行操作,这都会对公司内部的网络环境造成影响),然后在局域网内部署一个dhcp服务,再通过该服务配置客户机的ip范围以及tftp相关配置,但这种方式依然可能对内部网络造成影响。因此可以在某台做了虚拟化的服务器上进行nat配置,然后在该虚拟化服务器上创建多台虚拟机,进而实现无人值守安装操作系统。当然,如果是多台物理机器想要批量自动安装操作系统,就没有这个办法了,只能禁掉公司路由的dhcp服务,然后在某台已经安装好系统的服务器上安装dhcp等服务端,才能实现无人值守安装

服务端需要安装的服务有nfs tftp rpcbind dhcpd xinetd ,服务端ip设为固定ip10.8.8.2

pxe原理图

11vm3

服务端配置

安装相关软件
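# dhcp: DHCP server; tftp-server + xinetd: serve the PXE boot files (tftp is the
# client, handy for testing); syslinux: provides pxelinux.0; nfs-utils + rpcbind:
# export the install tree; system-config-kickstart: optional GUI for ks.cfg.
# The package system-config-kickstart was listed twice; once is enough.
yum -y install dhcp tftp tftp-server xinetd rpcbind syslinux nfs-utils \
  system-config-kickstart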

配置dhcp
cat /etc/dhcp/dhcpd.conf

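ignore client-updates;

allow booting;   # permit PXE clients to boot from this server
allow bootp;     # answer BOOTP requests as well as DHCP

# This server hands a lease and a boot file to every client that asks on the
# segment, so keep it on an isolated provisioning network (here the NAT segment).
subnet 10.8.8.0 netmask 255.255.255.0 {
    range 10.8.8.3 10.8.8.100;
    next-server 10.8.8.2;             # TFTP server that holds pxelinux.0
    option routers 10.8.8.254;
    option domain-name-servers 202.103.24.68;
    # "filename" names the boot loader fetched over TFTP. The kickstart file is
    # passed on the kernel command line in pxelinux.cfg/default (ks=...), not
    # through DHCP, so a second filename "/centos7/ks.cfg" entry does not belong here.
    filename "pxelinux.0";
    default-lease-time 21600;
    max-lease-time 43200;
}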

挂载本地镜像
# Mount the install media from the first optical drive (/dev/sr0) on /mnt.
mount /dev/sr0 /mnt

配置nfs
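# Copy the whole install tree into the directory that will be exported over NFS.
# "/mnt/." is used instead of "/mnt/*" because the glob skips dotfiles; CentOS
# media normally carry .treeinfo and .discinfo at the top level.
mkdir -p /centos7
cp -a /mnt/. /centos7/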
cat /etc/exports

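# Install tree and ks.cfg: clients only read it, so export it read-only and keep
# root squashing on. rw + no_root_squash would let root on any 10.8.8.0/24 host
# rewrite the packages or the kickstart file that later installs consume.
/centos7 10.8.8.0/24(ro,sync,root_squash)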

配置相关启动文件

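# Populate the TFTP root with the boot loader, kernel and initrd that PXE
# clients download. Absolute destinations are used so that a failed `cd` cannot
# send the copies into whatever directory the shell happens to be in.
# Every client boots these files unauthenticated: keep the directory writable
# by root only.
tftproot=/var/lib/tftpboot
mkdir -p "$tftproot/pxelinux.cfg"
cp /usr/share/syslinux/pxelinux.0 "$tftproot/"
cp /mnt/isolinux/{initrd.img,vmlinuz,vesamenu.c32,boot.msg} "$tftproot/"
# pxelinux falls back to pxelinux.cfg/default when no client-specific file matches.
cp /mnt/isolinux/isolinux.cfg "$tftproot/pxelinux.cfg/default"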

cat /var/lib/tftpboot/pxelinux.cfg/default

default PXE-CentOS7
timeout 1

display boot.msg
#prompt 1
# Clear the screen when exiting the menu, instead of leaving the menu displayed.
# For vesamenu, this means the graphical background is still displayed without
# the menu itself for as long as the screen remains in graphics mode.
menu clear
menu background splash.png
menu title CentOS 7
menu vshift 8
menu rows 18
menu margin 8
#menu hidden
menu helpmsgrow 15
menu tabmsgrow 13

# Border Area
menu color border * #00000000 #00000000 none

# Selected item
menu color sel 0 #ffffffff #00000000 none

# Title bar
menu color title 0 #ff7ba3d0 #00000000 none

# Press [Tab] message
menu color tabmsg 0 #ff3a6496 #00000000 none

# Unselected menu item
menu color unsel 0 #84b8ffff #00000000 none

# Selected hotkey
menu color hotsel 0 #84b8ffff #00000000 none

# Unselected hotkey
menu color hotkey 0 #ffffffff #00000000 none

# Help text
menu color help 0 #ffffffff #00000000 none

# A scrollbar of some type? Not sure.
menu color scrollbar 0 #ffffffff #ff355594 none

# Timeout msg
menu color timeout 0 #ffffffff #00000000 none
menu color timeout_msg 0 #ffffffff #00000000 none

# Command prompt text
menu color cmdmark 0 #84b8ffff #00000000 none
menu color cmdline 0 #ffffffff #00000000 none

# Do not display the actual menu unless the user presses a key. All that is displayed is a timeout message.

menu tabmsg Press Tab for full configuration options on menu items.

menu separator # insert an empty line
menu separator # insert an empty line

# Default entry: boots the installer kernel and points it at the kickstart file
# on the NFS export, so the installation runs without prompts.
# NOTE(review): combined with "timeout 1" above and "clearpart --all" in ks.cfg,
# any host that PXE-boots on this segment is reinstalled and its disks wiped.
# Keep PXE out of the normal boot order, or make the "local" label the default
# and pick the install entry by hand.
label PXE-CentOS7
  menu label ^Install System from PXE-CentOS7
  menu default
  kernel vmlinuz
  append initrd=initrd.img ks=nfs://10.8.8.2/centos7/ks.cfg ksdevice=ens33 ip=dhcp quiet

#label linux
#  menu label ^Install  CentOS 7
#  kernel vmlinuz
#  append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 quiet
 
#label check
#  menu label Test this ^media & install CentOS 7
#  menu default
#  kernel vmlinuz
#  append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 rd.live.check quiet

menu separator # insert an empty line

# utilities submenu
menu begin ^Troubleshooting
  menu title Troubleshooting

label vesa
  menu indent count 5
  menu label Install CentOS 7 in ^basic graphics mode
  text help
        Try this option out if you're having trouble installing
        CentOS 7.
  endtext
  kernel vmlinuz
  append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 xdriver=vesa nomodeset quiet

label rescue
  menu indent count 5
  menu label ^Rescue a CentOS system
  text help
        If the system will not boot, this lets you access files
        and edit config files to try to get it booting again.
  endtext
  kernel vmlinuz
  append initrd=initrd.img inst.stage2=hd:LABEL=CentOS\x207\x20x86_64 rescue quiet

label memtest
  menu label Run a ^memory test
  text help
        If your system is having issues, a problem with your
        system's memory may be the cause. Use this utility to
        see if the memory is working correctly.
  endtext
  kernel memtest

menu separator # insert an empty line

label local
  menu label Boot from ^local drive
  localboot 0xffff

menu separator # insert an empty line
menu separator # insert an empty line

label returntomain
  menu label Return to ^main menu
  menu exit

menu end

ps:注意该配置文件中设置的网卡名字,一般虚拟化的主机网卡名字为ens33,请根据你自动化部署的客户端操作系统的网卡名字修改

配置tftp
cat /etc/xinetd.d/tftp

# xinetd entry for the TFTP daemon that serves the PXE boot files.
# TFTP has no authentication: every file under /var/lib/tftpboot can be fetched
# by any host that can reach UDP port 69, so keep only boot files there.
# "-s" makes in.tftpd change root into that directory at startup.
service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /var/lib/tftpboot
        disable                 = no
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4
}

配置kickstart应答文件
cat /centos7/ks.cfg

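#version=DEVEL
# Kickstart answer file for an unattended CentOS 7 install over NFS.
# It is served from the /centos7 export, so every host that can mount that
# export can read everything in it, including the root password entry.

install
nfs --server=10.8.8.2 --dir=/centos7

lang en_US.UTF-8
keyboard us

# Kickstart options take ASCII double hyphens ("--"); typographic dashes or a
# misspelt --hostname make the line unparseable.
network --device=ens33 --bootproto=dhcp --hostname=wang

# Store a crypt(3) SHA-512 hash, never the clear-text password. Replace the
# placeholder with the hash field from /etc/shadow on a host where the chosen
# password was set with passwd, and change the password after first boot.
rootpw --iscrypted REPLACE_WITH_SHA512_CRYPT_HASH

firewall --service=ssh
authconfig --enableshadow --passalgo=sha512

# NOTE(review): SELinux is switched off on every installed host; prefer
# "selinux --enforcing" unless a workload is known to need otherwise.
selinux --disabled

timezone --utc Asia/Shanghai

bootloader --location=mbr
# Wipes every partition table the installer can see. The target disk must be
# larger than the partitions below combined (500 + 2048 + 20480).
clearpart --all --initlabel
part /boot --asprimary --fstype="xfs" --size=500
part swap --asprimary --fstype="swap" --size=2048
part / --asprimary --fstype="xfs" --size=20480

reboot

%packages
@core
sgpio
device-mapper-persistent-data
%end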

ps:这里要注意分区分配的磁盘空间,我们在新建虚拟机的时候必须要大于这里面分配的分区大小,否则会在磁盘格式化分区这一步无法自动分区

系统服务配置

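# Start the provisioning services now and enable them at boot.
for unit in dhcpd tftp nfs xinetd rpcbind; do
  systemctl restart "$unit"
  systemctl enable "$unit"
done

# NOTE(review): the host firewall is removed entirely here. A narrower option is
# to keep firewalld running and allow only the provisioning services, e.g.
#   firewall-cmd --permanent --add-service={dhcp,tftp,nfs,rpc-bind,mountd}
#   firewall-cmd --reload
systemctl stop firewalld
systemctl disable firewalld

# The quote has to close before the file name; otherwise sed receives the path
# as part of its script and has no file to edit. /etc/selinux/config is edited
# directly because /etc/sysconfig/selinux is a symlink to it and `sed -i` would
# replace the link with a regular file instead of changing the real setting.
# NOTE(review): this turns SELinux off on the provisioning server at next boot.
sed -i 's/^SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config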

问题说明

1、在创建客户机虚拟机时要注意分配的磁盘大小要高于ks.cfg里的设置,同时虚拟机的网络连接也应该是nat方式
2、在具体测试过程中tftp会断,目前原因不清楚,故写了一个脚本监测并重启
cat check.sh

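#!/bin/bash
# Cron-driven watchdog: start the tftp unit whenever systemd reports that it is
# not active.
#
# A `ps -ef | grep tftp | grep running` test cannot work: ps output carries no
# unit state, so that count is always 0 and the start would run on every call.
# Asking systemd directly also avoids matching unrelated processes by name.
#
# NOTE(review): on CentOS 7 the tftp-server package also ships a tftp.socket
# unit; if the service only stops because it is idle, enabling the socket unit
# may make this watchdog unnecessary. Confirm on the target host.
if ! systemctl is-active --quiet tftp; then
  systemctl start tftp
fi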

加入计划任务
crontab -e

# Run the tftp watchdog script once a minute.
*/1 * * * * /bin/bash /root/check.sh

3、上面拷贝的动作

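# Two separate copies; run as one line, cp would treat "./cp" as a source file.
cp /mnt/isolinux/initrd.img ./
cp /mnt/isolinux/vmlinuz ./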

有些资料里写的是

# Alternative source: kernel and initrd from the images/pxeboot directory.
cp /mnt/images/pxeboot/{initrd.img,vmlinuz} /var/lib/tftpboot/

比较了一下,这两个位置的文件名相同,大小也相同,如果在安装时出现错误,可以试着分别使用这两个位置的文件看是否成功

4、使用本文的nat网络环境可以不用禁用公司内部dhcp服务,但也有局限性,就是只能在nat后的网段进行自动安装,比如本文中家庭局域网网段是192.168.0.0/24,在本机(192.168.0.100)上通过安装workstation来创建了多台以nat方式网络连接的虚拟机,网段为10.8.8.0/24,那么就只能在10.8.8.0/24网段内进行无人值守批量自动化安装操作系统

5、也可以在桥接模式下进行无人值守安装,但是需要禁用路由器上的内网dhcp服务,同时workstation的网络模式也要改为桥接模式